Security Architecture

changlinn

In my last two roles I have done a fair bit of design work, and I enjoy it. I am wondering if there is a security Architecture certification that can recognise these kinds of experiences. I found Security University - Architecture Security but I know nothing of the company and not being in the same country and funding this on my own (work will repay the exam costs if successful) I am not sure about them.
Any others that I can do self study, or online?

JDMurray

The only professional IT certification for security architecture that I know right off the top of my head is the CISSP-ISSAP.

changlinn

I had completely forgotten ISSAP, ah well that shouldn't be too much of a stretch CISSP is on my roadmap, anyone recommend a decent book for self study?

JDMurray

Probably can't do much better than this: Amazon.com: Official (ISC)2® Guide to the ISSAP® CBK ((ISC)2 Press) (9781439800935): Harold F. Tipton: Books

dynamik

The official book is kind of weak. I've only paged through it, but there was A LOT of recap from the CISSP materials I've gone through. Given that I paid $70 for it, I feel pretty ripped off.

I haven't taken the exam yet, but if you're looking to learn about security architecture, you should pick up a copy of this book: Amazon.com: Enterprise Security Architecture: A Business-Driven Approach (9781578203185): John Sherwood, Andrew Clark, David Lynas: Books Like I said, I have no idea how well that maps to the (ISC)2 exam objectives.

John.Feist

The -ISSAP is on the DoD 8570. There is also the FITSP-D (Security Professional - Designer) which is NIST centered. The FITSI organization is going through the certification process at this time. This may be a good investment if you are interested in the NIST Risk Management Framework.

JDMurray

Check the CISSP-ISSAP Candidate Information Bulletin for the official reading list.